The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

block directory requests with mod_security

Discussion in 'Security' started by NightStorm, Mar 19, 2010.

  1. NightStorm

    NightStorm Well-Known Member

    Joined:
    Jul 28, 2003
    Messages:
    286
    Likes Received:
    4
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hey everyone, need someone who knows mod_security to give me a quick hand setting up a rule.
    What I want to do is block all access to a specific directory server-wide with mod_security.
    So say someone were to query www.mydomain.com/notreallyhere/... I want mod_security to intercept that request and 503 the user.
    Anyone know how to get a rule to do that?
     
  2. Secmas

    Secmas Well-Known Member

    Joined:
    Feb 18, 2005
    Messages:
    321
    Likes Received:
    0
    Trophy Points:
    16
    If you are using rules from GotRoot or ASL, modify the file called MALWARE-SCRITP.TXT and add in there the domain+directory that you want to block, easy as that.

    After you restart apache no one will enter into that directory anymore.

    Regards,

    Sergio
     
  3. NightStorm

    NightStorm Well-Known Member

    Joined:
    Jul 28, 2003
    Messages:
    286
    Likes Received:
    4
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Not quite what I'm after...
    I want to catch all requests coming in to a specific directory across all sites on my server... irregardless of where the request is originating from.
    Also, I'm not using ASL rules... I have a different set of rules loaded... can't remember where I got them from... I think someone posted them here at some point, actually. Either way, it's somewhat unrelated to what I'm looking for.
     
  4. Secmas

    Secmas Well-Known Member

    Joined:
    Feb 18, 2005
    Messages:
    321
    Likes Received:
    0
    Trophy Points:
    16
    Well, in your first post you wrote:
    If you do as I said, everybody will be blocked trying to enter into that directory on that specific domain. But if you don't have GotRoot modsec rules, then what I wrote will not help you, sorry.

    On the other hand, you can write at AtomiCorp Forum (creators of GotRoot rules) asking for help on creating the rule that you need.

    Regards,

    Sergio
     
Loading...

Share This Page